ADTRAN AOS Version R10.1.0 Command Reference Manual page 873

Command Reference Guide Global Configuration Mode Command Set
The two types of method lists created using the aaa authentication login command are a default list and
a named list. A default list is one that is created and automatically applied to all line interfaces at the global
level. A named method list is one that does not perform any action until it is manually applied to an
interface. Named AAA login authentication method lists are applied to line interfaces using the login
authentication <listname> command from the appropriate line interface configuration mode (Line
(Console) Interface Command Set on page 1464, Line (Telnet) Interface Command Set on page 1498, or
Line (SSH) Interface Command Set on page 1481).
To use TACACS+ servers to perform login authentication, the TACACS+ servers must be configured prior
to creating the method list. You can configure all TACACS+ servers in the system using the command
tacacs-server on page 1357. You can configure individual TACACS+ servers using the command
tacacs-server host on page 1358. Once the TACACS+ servers have been configured, you can use all
TACACS+ servers for authentication by using the group tacacs+ method. If you only want to use some of
the available TACACS+ servers for authentication, you can create a named server group and add the
TACACS+ servers to the group. Server groups are created using the command aaa group server on page
886 and servers are added to the group as outlined in the TACACS+ Group Command Set on page 3361.
To use RADIUS servers to perform login authentication, the RADIUS servers must be configured prior to
creating the method list. You can configure all RADIUS servers in the system using the command
radius-server on page 1300. You can configure individual RADIUS servers using the command
radius-server host on page 1302. Once the RADIUS servers have been configured, you can use all
RADIUS servers for authentication by using the group radius method. If you only want to use some of the
available RADIUS servers for authentication, you can create a named server group and add the RADIUS
servers to the group. Server groups are created using the command aaa group server on page 886 and
servers are added to the group as outlined in the RADIUS Group Command Set on page 3296.
For more information about AAA authentication, or AAA configuration in general, refer to the Configuring
AAA in AOS configuration guide available online at https://supportforums.adtran.com.
Usage Examples
The following example creates a login authentication list called myList and specifies using the local
database as the first method, myGroup as the second method, and line password as the third method for
login authentication:
(config)#aaa authentication login myList local group myGroup line
The following command sets the default authentication list for logins to use the local database as the first
authentication method:
(config)#aaa authentication login default local
60000CRG0-35E Copyright © 2012 ADTRAN, Inc. 873